DoS Vulnerability in ClamAV Affects InstallShield File Format Parsing
CVE-2026-20216
7.5HIGH
What is CVE-2026-20216?
A flaw in the InstallShield file format parser within ClamAV allows unauthorized remote attackers to initiate a Denial of Service (DoS) condition. This vulnerability arises from improper management of temporary resources during file scanning processes. By submitting a specially crafted InstallShield file for scanning, an attacker can disrupt the ClamAV scanning service, leading to a temporary exhaustion of system resources and potential unavailability of the service.
Affected Version(s)
Cisco Secure Endpoint 7.0.5
Cisco Secure Endpoint 6.2.19
Cisco Secure Endpoint 7.3.3